Authors: Olena Shevchenko, Dmytro Bondarenko, Iryna Kovalenko, Andriy Melnyk
Abstract: Modern IT environments increasingly span a mix of Linux, UNIX (Solaris and AIX), and Windows systems, creating significant challenges in managing decentralized user accounts, enforcing strong authentication, and maintaining comprehensive audit trails. Security and compliance frameworks including HIPAA, SOX, and NIST SP 800-53 demand centralized control over identity and privileged access, yet many organizations still rely on fragile local account systems or disparate tools. This fragmented model often leads to inconsistent enforcement, audit gaps, and elevated risk of unauthorized access. This review examines CentrifyDC, an Active Directory bridge that delivers unified, centralized authentication and role-based access control across heterogeneous environments. By integrating with Linux Pluggable Authentication Modules (PAM), Name Service Switch (NSS), SSH, and native Role-Based Access Control (RBAC) for Solaris and AIX, CentrifyDC enables seamless AD-based login, command-level delegation, and multi-factor authentication. Privileged sessions are audited, logged, and stored centrally, bolstering compliance while minimizing reliance on sudo or multiple account stores. Deployment considerations and operational benefits are highlighted through real-world use cases from high-performance research clusters and Solaris-based healthcare infrastructure to AIX servers in government environments. CentrifyDC demonstrates how centralized policy inheritance, zone-based delegation, and secure PAM routines enforce least privilege and simplify administration across large fleets. Performance optimizations including login caching and load balancing are evaluated to ensure scalability. The review concludes with an exploration of future enhancements, such as integration with Azure Active Directory and Okta, AI-driven access risk modeling, and Infrastructure-as-Code pipelines for automated policy deployment. These developments promise to extend centralized access control into hybrid cloud environments and DevSecOps workflows. Ultimately, CentrifyDC offers a robust, compliant, and future-ready solution for managing identity and privileged access across diverse operating systems under a unified directory infrastructure.
DOI: https://doi.org/10.5281/zenodo.15848025
